• Github page where you can download Windows VMs legally then hack your way through them through an unpatched vulnerability or setting up a vulnerable software.

  • /dev/random: Sleepy uses VulnInjector, need to provide you own ISO and key.

  • Bobby: 1 uses VulnInjector, need to provide you own ISO and key.

Ubuntu pentest setup

Threat hunting linux mitr att&ck framework

Bug Bounty Tips, Cheat Sheets, and Resources

C2Hack, sharing tips and tricks for pentesters

Creating a CTF

Step 1 - CTF-Box - CTF Box Creating with Virtual Box and Windows XP

Step 2 - CTF Box - Setup Debian OS Box

Step 3 - CTF Box - Setup the Environment inside the CTF Box

Step 4 - CTF Box - Deploy vulnerable web application and export created CTF box

Step 5 - CTF Box - Export and Import CTF Box to Virtual Box

Step 6 - CTF Box - Penetration Testing with File Upload vulnerability in created CTF box

Awesome Opensource

OSCP Write-ups

Linux Bash Shell | Automating the Host Discovery Process

Personal Security Checklist

Becoming a Penetration Tester/Hacker

Interesting Recon Script (Windows)

Malware Analysis Video (Windows)

Buffer Overflows

Fully automated offensive security framework for reconnaissance and vulnerability scanning

Rawsec's CyberSecurity Inventory: A inventory of tools and resources about CyberSecurity.

Playing with file extensions in Windows. How to make ".exe" look like ".txt"

Lets say we have an “evil.bat”. Any capable user won’t be clicking on that!

You can use the special character “Right to Left Override” (U+202E) in the middle of the filename to hide the extension.

Type: “notevil.” Then add the special character, then for example type “cod.bat” which is shown as tab.doc due to the Right to Left overrride. The resulting filename would be: Notevil‭.‭‮cod.bat

but it would be opened as notevil.cod.bat (try selecting the Notevil‭.‭‮cod.bat

Please note that Windows Defender on the latest patch on Windows 10 does notice this and flags it as a virus. Most other vendors do not.

Parse and convert Nessus, Nmap (and more tools) to XLSX, CSV

Updated Vulnhub VMs (OSCP-Like)

Useful Git repo for Kali

Kali tools help pages

Nullbyte videos

Free iOS Reverse Engineering Course

Windows Enumeration Scripts

J.A.W.S - Just another windows script windows exploit suggester Sherlock.ps1

Red Teaming Toolkit

Free PowerShell Master Class

NFS privesc

Google Dorks

HTB Metasploit

Free training

Buffer Overflow Attack Tutorial

OSCP Powershell Reverse Listener

Sudo privesc script

Automated Web Application Testing

Defeating IDS and Firewalls Video

NSA Python Course

Pentesting Organization

Shodan Hacking Guide

Red Team Laptop and Infrastructure

Introduction To Modern Routing For Red Team Infrastructure - using Traefik, Metasploit, Covenant and Docker

20 Tools Blue Teamers should Have

CTFs with Nginx and Docker